Various computing devices, including desktop computers, laptops, tablets, and mobile communication devices such as smart phones, execute applications and system processes according to software instructions stored in memory. Certain application processes or system service processes may have higher access permissions on the computing device (e.g. root access permission). These processes may be targeted by control-hijacking software, which aims to take control of a privileged process and execute malicious code. The goal of the control-hijacking software may try to obtain a shell or steal private data.
There are a number of different types of control-hijacking software attacks. For example, “stack smashing” may involve creating a stack buffer overflow and executing malicious code inserted into the stack. A heap buffer overflow works similarly to overflow the heap and cause execution of malicious code inserted in another location in memory. A return-oriented-programming or attack generates a stack overflow, followed by execution of selected portions of existing code that when connected together achieve a malicious purpose.